Shellshock is a vulnerability in the Bash shell, a user interface that uses a command-line interface to access an operating system’s services. The current command Bash interpreter lets users execute commands on a computer. The vulnerability allows attackers to run malicious scripts in systems and servers, which compromises everything in it. It has the potential to do significant widespread damage, since it affects Linux, BSD, and Mac OS X. Linux alone powers a majority of the servers on the Internet and IoT (Internet of Things) devices.

Trend Micro Consumer products are not affected.

To get updates on our current investigation for all products using affected versions of Linux, refer to this article:
Trend Micro products and the Shellshock – Linux Bash Vulnerability (Bash Bug) [CVE-2014-6271 and CVE-2014-7169].

Further Reading:

• About the Shellshock Vulnerability: The Basics of the “Bash Bug”
• What You Need To Know About Shellshock, aka the “Bash Bug”
• CVE-2014-6271
• CVE-2014-7169